sternr
sternr

Reputation: 6506

Azure Blob CORS Access-Control-Allow-Origin Ignored by the browser

I've setup a new blob storage account on my Azure account and configured it to allow CORS using the following configurations:

serviceProperties.Cors = new CorsProperties();
            serviceProperties.Cors.CorsRules.Add(new CorsRule()
            {
                AllowedHeaders = new List<string>() { "*" },
                AllowedMethods = CorsHttpMethods.Put | CorsHttpMethods.Get | CorsHttpMethods.Head | CorsHttpMethods.Post | CorsHttpMethods.Delete,
                AllowedOrigins = new List<string>() { "*" },
                ExposedHeaders = new List<string>() { "*" },
                MaxAgeInSeconds = 1800 // 30 minutes
            });

And yet I still get the following error from my js code:

Origin <MY-SITE-URL> not found in Access-Control-Allow-Origin header

Looking on the response headers of the image, I see:

Access-Control-Allow-Origin: *

So why doesn't it work?

Upvotes: 2

Views: 2358

Answers (1)

Are you setting the withCredentials property on the xmlhttprequest to true? If yes the browser will reject wildcard Access-Control-Allow-Origin.

Check out the following links for more helpful information:

Upvotes: 1

Related Questions